UpdateNetstackIPs updates the set of local IPs that netstack should handle from nm. TODO(bradfitz): don't pass the whole netmap here; just pass the two address slice views.
(nm *netmap.NetworkMap)
| 703 | // TODO(bradfitz): don't pass the whole netmap here; just pass the two |
| 704 | // address slice views. |
| 705 | func (ns *Impl) UpdateNetstackIPs(nm *netmap.NetworkMap) { |
| 706 | var selfNode tailcfg.NodeView |
| 707 | var serviceAddrSet set.Set[netip.Addr] |
| 708 | if nm != nil { |
| 709 | ns.atomicIsLocalIPFunc.Store(ipset.NewContainsIPFunc(nm.GetAddresses())) |
| 710 | if buildfeatures.HasServe { |
| 711 | vipServiceIPMap := nm.GetVIPServiceIPMap() |
| 712 | serviceAddrSet = make(set.Set[netip.Addr], len(vipServiceIPMap)*2) |
| 713 | for _, addrs := range vipServiceIPMap { |
| 714 | serviceAddrSet.AddSlice(addrs) |
| 715 | } |
| 716 | ns.atomicIsVIPServiceIPFunc.Store(serviceAddrSet.Contains) |
| 717 | } |
| 718 | selfNode = nm.SelfNode |
| 719 | } else { |
| 720 | ns.atomicIsLocalIPFunc.Store(ipset.FalseContainsIPFunc()) |
| 721 | ns.atomicIsVIPServiceIPFunc.Store(ipset.FalseContainsIPFunc()) |
| 722 | } |
| 723 | |
| 724 | oldPfx := make(map[netip.Prefix]bool) |
| 725 | for _, protocolAddr := range ns.ipstack.AllAddresses()[nicID] { |
| 726 | ap := protocolAddr.AddressWithPrefix |
| 727 | ip := netaddrIPFromNetstackIP(ap.Address) |
| 728 | if ip == v4broadcast && ap.PrefixLen == 32 { |
| 729 | // Don't add 255.255.255.255/32 to oldIPs so we don't |
| 730 | // delete it later. We didn't install it, so it's not |
| 731 | // ours to delete. |
| 732 | continue |
| 733 | } |
| 734 | p := netip.PrefixFrom(ip, ap.PrefixLen) |
| 735 | oldPfx[p] = true |
| 736 | } |
| 737 | newPfx := make(map[netip.Prefix]bool) |
| 738 | |
| 739 | if selfNode.Valid() { |
| 740 | for _, p := range selfNode.Addresses().All() { |
| 741 | newPfx[p] = true |
| 742 | } |
| 743 | if ns.ProcessSubnets { |
| 744 | for _, p := range selfNode.AllowedIPs().All() { |
| 745 | newPfx[p] = true |
| 746 | } |
| 747 | } |
| 748 | } |
| 749 | |
| 750 | for addr := range serviceAddrSet { |
| 751 | p := netip.PrefixFrom(addr, addr.BitLen()) |
| 752 | newPfx[p] = true |
| 753 | } |
| 754 | |
| 755 | pfxToAdd := make(map[netip.Prefix]bool) |
| 756 | for p := range newPfx { |
| 757 | if !oldPfx[p] { |
| 758 | pfxToAdd[p] = true |
| 759 | } |
| 760 | } |
| 761 | pfxToRemove := make(map[netip.Prefix]bool) |
| 762 | for p := range oldPfx { |
nothing calls this directly
no test coverage detected